Pro-Russian 'Hackers' Sabotage Trains With $20 Radio

8:50 "proving that it is still possible to become rich as a freelance web designer" 💀
🤣

The fun fact about the radio-stop "attack" is that it's almost 50 years old, and they didnt secure it to this day, 40 years ago it was secure, because regular people didnt have access to radio equipement. Also regarding the quote from 4:02 , I think they said the same thing in 2019 but with the difference that it was supposed to be ready in 2023.

As somebody into radio, I find the trainstop one very interesting. Those cheap radios can actually transmit a surprisingly long distance, especially with an upgraded antenna. Record and play back the trainstop signal using a mobile phone.

Knew it was some random ass people with a $10 radio stopping our trains. Wasn’t far off…

If RadioStop was used in a modern-day James Bond movie, fans would dismiss it as lazy writing or a lack of imagination. It's just too stupidly simple and convenient!

Those types of "atacks" happen every day. People are just that, just people and trolls actually do that quite ofently

You are so based for pronauncing polish city name actually well, kudo's

tor with an option to use randomx instead of equix to mine even a little bit during startup as a way to "donate" would be pretty neat
of course the default would be the equix and a option to switch to randomx would be hidden somewhere in the settings menu

It's important to note that the PoW isn't for all Tor traffic; Just for making a rendevous circuit to an onionsite
It was added because it was very easy to DoS an onionsite by making a ton of rendevous circuits because it's expensive for the onionsite's guard nodes
The Proof of Work is basically just "solve this sudoku THEN I'll make the circuit"

I was in Szczecin yesterday, but the worst I seen on the trains is some white noise played from the speakers.

I want to see them trying this in Germany. Hiding in a bush somewhere with their walkie-talkie, not realizing the train they want to stop is delayed for two hours anyway😂

all these "hackers" can do is delay trains by a few minutes and annoy train drivers

That train bit is more of a wake up call then anything

This was one of the most interesting and well made cyber security news episodes yet! Thank you!

Genius. This was my first idea for TOR as well. Proof of work is exactly how you solve these sorts of problems. Its probably not gonna be as strong as you think it is. Even a very low power proof of work substantially reduces the threat from someone DDoSing, since they would need so many devices to make a substantial effect. A small proof of work scales with the number of devices you need doing it. So a normal user doesn't even notice it, but a mid size botnet slows down by a decent chunk. Has a good effect the more bots you are dealing with, but if your fighting what is described as a large scale botnet in this video your gonna have a hard time no matter what. Its simply impossible at that point to scale accordingly, because your proof of work would have to be as slow as the botnet would make you slow down - basically rendering your efforts useless, because if you don't use the PoW its gonna be slow from the attack, and if you match and use an equivalent to current load PoW no normal person is going to be able to use your network. An appropriate scaling algorithm would need to be in place, to perhaps logarithmically increase to a set cap (asymptote) which is the maximum tolerable PoW for normal users. I would look into it more, maybe make a video on it.... if I thought anyone would watch lmao

always a well done production. Thanks!

🇵🇱🇵🇱🇵🇱 MENTIONED ! !! !!!
Polish police also uses unencrypted channels which everyone with cheap radio can listen to 🤦‍♂

As a Pole I can assure everybody that that attack was futile since PKP would shut itself down anyway 12hours delay or 58hours delay is a norm

Hope you cover the Qakbot take down from the FBI!

I liked the analogy to those flipper zero kids

Was waiting for this 😊

Radio stop overuse is a common problem.
It happens (on average) a few times per day, at least since 2015 (around 500 times per year).

If these radio hackers got on top of a mountain they could cause some real chaos and all trains in their line of sight would come to a halt. They probably weren't tracked as it's really hard to be tracked if you're on the move. Especially if you transmit then hide the transmitter away.

That kind of incidents have happened multiple times in past. Kids using cheap radios and playing back recordings of a signal used to trigger radiostop. Playing Russian anthem and Putin's speach could have been part of a prank. People sometimes do stupid stuff for fun and internet is full of those idiots.

It’s funny, the radio tones can be downloaded online for free as a ringtone mp3 lol. Took me two mins to find it.

As someone who has experience with radio and railway and also lives in Poland, it's nothing new. It got so much attention from media because National Railway Administration, PKP PLK, decided to post it about it on social media, not they try to fix the leaking sewage that is leaking since. Radiostop was abused way, way earlier by people. I also speculate that it wasn't done by Pro-Russian sabotages, but by a group of young people that like trainspotting and find this type of “fun” entertaining. When it comes to GSM-R there's still a lot of to do, especially after one of the consortium companies went bankrupt.
Tl;dr It's rather just annoying type of fun for someone and everyone will forget about it in a week or two.

8:50 Nice joke there 😂😂😂

$20 radio? Must be the _Baofang._

As a Radio Amateur in the UK, I've seen these 20 dollar radios everywhere (Baofangs). The range can be miles even kilometers. With a big antenna and other more powerful radio, you can do this from your home. Also, did you change your microphone? :)

> Be pole
> Shut down a train
> Play russia_national_anthem.mp3
> Escalate into ww3
Just a little bit of trolling

As a Polish person i'm surprised i never heard of radiostop and it being abused

5:32 its not about stopping all bot traffic, its about making it cost-ineffective to send a lot of traffic.

It's always interesting to consider when hacktivist become cyberterrorists. For me, it's when their damage impacts the lives of unaffiliated civilians.

i think authentication for radiostop should be done by the hardware not someone entering a password.
in an emergency the train needs to be stopped now not 30 seconds later as soon as a password is entered.
if it isnt being done already polands fcc should have a system of radio signal tracers so they can trace the signal so the authorities can trace them.
imagine a scenario like this where there is a train sharing the same track and the train in front only a couple miles away is on fire and is stopped and evacuating and it is on a high speed track with another train behind only a couple miles away.
if they had to login and authenticate in the few seconds it takes to verify the identity the train could have moved a good part of the mile or so and if not done fast enough the train could crash into the one being evacuated.
maybe even leave the system as is and as long as no one can get hurt outside of inertia induced bruises by the pranks then just charge them with calling in false emergency or something.

the mere suggestion of asking tor to mine on client systems is absolutely disgusting(maybe it would be ok as an opt in thing)

3:18 a real payphone, Cap’n Crunch whistle dodge here

I appreciate your very good attempt to pronounce the name "Szczecin" ❤

In the UK they could bring the entire country to a halt by just sprinkling the wrong sort of leaves on the track.

Ringway Manchester also covered this too. Civilian Transport Services hacked is a huge burden on people who use public transport.

Watching this on my Train Ride rn

Set up a radiostop network over the entirety of Europe to do some trolling

thanks for putting the ad at the end of the video and not in the middle

I mean how would a Tor crypto token even retain any value, unless you also financialise other aspects of the Tor network. So it's good Tor didn't jump on the crypto train.

Yo im here in a timely manner no way. Hello from Australia!

With the Tor proof of work challenge, how well will that likely work with an older (2016) laptop?

that TOR thing is very exciting, although it pretty much makes tor a less secure i2p

It was nor hackers it was 2 police officers.people arrested already.Mentioned in news. It must be bigger operation as trains still stopping despite people were detained

3:30 lmao I was just thinking if youre limited by range and they're cheap walkie talkies just setup some relays and have coverage

Im from Poland and I didn't hear about the train sabotage😮

0:32 he could've played to serve Russia or something but he missed the opportunity

Tor being slower than usual... yep, felt that when using it for my work

They're not hackers. Such situations are repeated every few years because the GSM-R system on the railway has not yet been introduced in Poland.

Little known fact, the train signals were secretly encrypted. The sequence of tones had to be played backwards.

This is the best example of a system that is safe but not secure.
You can't do any real harm by triggering the signal, but you can incour costs and disturb the service.

There is nothing so secure that cannot be broken

Finally Indonesia in the news where Indonesia wasnt the victim! Hooray!

Just like opening the garage with a toy

We need to change this on trains.

I regularly use the Tor network for privacy reasons (tl;dr: awful family + stalker ex, who's also definitely a hacker), and while I understand why they're implementing the proof of work feature, I already hate it. I can't afford a computer built even within the last few years, and use Tor 95% of the time on mobile devices.
Like you said, it's gonna affect people in my situation.

The Tor proof of work is pretty interesting.

🎯 Key Takeaways for quick navigation:
00:00 🚂 Pro-Russian hackers used a simple method involving a cheap radio to stop Polish trains, causing disruptions.
04:30 🔒 The TOR network has faced DDoS attacks, and now users will need to complete a proof-of-work task to access it, aimed at reducing malicious traffic.
07:18 🎣 The notorious phishing platform 16shop was shut down by Interpol due to opsec mistakes by its creator, impacting thousands of users.
Made with HARPA AI

8:51 lmfao

How did you miss the French taking down the UK's entire atc system?

Baofeng strikes again

As a programmer i say this is a grave error of the company that made the system. Security by obscurity is NOT security.

2:55 I mean, technically they could. If you forked out the money to buy an RF attachment that uses that frequency, you could use the flipper to do this attack.

Amazing news

If proof of work is added to TOR, my phone wont be able to run it anymore, it can barely run browsers as is. sad

Could you have not extended the reach with simple radios in relay mode?

Wouldn't a proof of work token be unique, and identifiable to that one browser. If that could be used to identify Tor users that would not be good. Is that possible?

NICE!

5:50 Wei Dai's b-money paper mentions another reason that the POW can't be used to generate crypto-currency tokens:
"1. The creation of money. Anyone can create money by broadcasting the
solution to a previously unsolved computational problem. The only
conditions are that it must be easy to determine how much computing effort
it took to solve the problem and the solution must otherwise have no
value, either practical or intellectual. ..."
This implies that merged mining is not a great idea long-term.

You can achieve greater distance using an Yagi antenna.

It's always luxury cars- the worst investment

Messing with safety systems might have some heavier penalties than doing something else to interupt train service

radio stop is good and it is good that you could stop a train , in good intend of course (for example stoping driveless trains) but its sad to see that its abused to stop trains for no reason

Train thing sounds more like phreaking than hacking. Still, everything is a hack now days. It lost its meaning years ago.

So we're all using housing have you ever tried to look at the old rotations releasing from housing to new energy how it releases and what it depths through

Disturbing a nations public transport is more harmfull than turning off TVs in a store with your flipper zero. So yes we can call this a cyber attack

WHY IS IT ALWAYS LUXURY VEHICLES

Could you do about data leaks in Thailand?

Nice now we want more vedios but this time with actuall cyber scammer

6:30 WTF phones CPU computing power is as good as pc if implemented correctly. For example Snapdragon 8 Gen 1 CPU is better than Apple M1

is this about Poland

Homelab nerds googling stuff: Digital fort-knox in their basement
Government agencies, public service and cybercriminals: Encryption, what's that?

2:45 an easy solution is just to use some old ass steam train like a px48

🇵🇱 ARTICLE 5 🇵🇱 ARTICLE 5 🇵🇱 ARTICLE 5 🇵🇱 ARTICLE 5 🇵🇱 ARTICLE 5 🇵🇱 ARTICLE 5 🇵🇱 ARTICLE 5 🇵🇱 ARTICLE 5

The fact that you said Szczecin perfectly makes you a god

❤❤❤❤

Why does your and Jack's voice sound similar?

my grandpas job was to search such ilegally sent radio signal

On 6:08 you imply china has a problem with crypto and Tor could not implement it because of China.
As it turns out, just having Tor is a crime, so it's not a big deal.

Based.

I went to Realme Service center and Save some of there electricity bill by turning there television off via my Xiaomi phone.

Wait railroad frequencies? BWAHAHAHAHAHAHAHAHAHAHAHAHAHA

ada indonesia coy

Hmmm...

Did u hear about umich cyber attack? Wifi has been down for a week already

“proving it is still possible to become rich as a freelance web designer”
smiled, laughed, then started crying

Hello